SEV3 — ElevatedCLOSEDCyberONGOINGUnverified49d ago

Critical Vulnerabilities Identified in Kieback & Peter Building Controllers - US Operations

High-severity cybersecurity vulnerabilities have been detected in Kieback & Peter DDC (Direct Digital Control) building controllers across US locations. These systems typically manage HVAC, lighting, and environmental controls in commercial facilities, potentially affecting building operations at contact centers and BPO sites. Given the Severity 8 classification and presence of major BPO hubs across Texas, Arizona, and Florida, facilities teams should verify building system security and prepare contingency plans for potential environmental control disruptions.

Impact Summary

High-severity cybersecurity vulnerabilities have been detected in Kieback & Peter DDC (Direct Digital Control) building controllers across US locations. These systems typically manage HVAC, lighting, and environmental controls in commercial facilities, potentially affecting building operations at contact centers and BPO sites. Given the Severity 8 classification and presence of major BPO hubs across Texas, Arizona, and Florida, facilities teams should verify building system security and prepare contingency plans for potential environmental control disruptions.

Domain
Cyber
Region
United States, France
Opened By
watchkeeper
May 23, 2026, 09:00 PM UTC
Event Cluster
215 events
OVIX Score
10.0
Closed
master(master-relevance-cleanup)
Jun 2, 2026, 03:33 PM UTC

Timeline12

Incident openedby watchkeeperMay 23, 2026, 09:00 PM UTC
Declared from 1 signals. OVIX 8. News 2. BPO 3. LLM-confirmed.
Severity validatedby autoMay 23, 2026, 09:00 PM UTC
Auto-validated: SEV3 per policy.
Note addedby watchkeeperMay 23, 2026, 10:00 PM UTC
Merged new cluster (1 signals, OVIX 8) — same domain/region, >=3 shared title words, active <24h.
Note addedby watchkeeperMay 23, 2026, 10:30 PM UTC
Merged new cluster (1 signals, OVIX 8) — same domain/region, >=3 shared title words, active <24h.
Note addedby watchkeeperMay 24, 2026, 04:00 AM UTC
Merged new cluster (1 signals, OVIX 8) — same domain/region, >=3 shared title words, active <24h.
Note addedby watchkeeperMay 25, 2026, 04:30 PM UTC
Merged new cluster (6 signals, OVIX 10) — same domain/region, >=3 shared title words, active <24h.
Revalidatedby watchkeeperMay 25, 2026, 09:00 PM UTC
Revalidated: 3 new related signal(s). Next reval in 48h.
Revalidatedby watchkeeperMay 27, 2026, 09:30 PM UTC
Revalidated: 3 new related signal(s). Next reval in 48h.
Revalidatedby watchkeeperMay 29, 2026, 09:31 PM UTC
Revalidated: 2 new related signal(s). Next reval in 48h.
Note addedby watchkeeperMay 31, 2026, 10:00 PM UTC
Flagged persistent: >7d of continuous activity. Switching to weekly revalidation.
Revalidatedby watchkeeperMay 31, 2026, 10:00 PM UTC
Revalidated: 4 new related signal(s). Next reval in 168h.
Incident closedby masterJun 2, 2026, 03:33 PM UTC
Bulk-closed in master-relevance-cleanup (2026-06-02): rebuilding incident board clean per INCIDENT-RELEVANCE-SPEC. Most open incidents were non-WFM cyber CVE noise or No-BPO-Impact weather. Fixed Watchkeeper/scout will re-declare only genuinely relevant incidents.

Evidence / Why this?

Traced to source — read-only
Evidence is not yet available for this incident. Older incidents predate the traceability layer; newly declared incidents will show why they were declared, why their severity was set, geo provenance, and their sources here.

Related Signals20

[US] cyber 8.0 — CP Plus 8 Ch. Network Video Recordersentinel39d ago[US] cyber 8.0 — Fourth Frontier Frontier X Mobile Application, Frontier X2sentinel39d ago[US] cyber 8.0 — Eppendorf BioFlo 320sentinel39d ago[US] cyber 8.0 — KMW CCTV Security Camerassentinel39d ago[US] cyber 8.0 — XCharge C6sentinel39d ago[US] cyber 8.0 — CP Plus 8 Ch. Network Video Recordersentinel39d ago[US] cyber 8.0 — Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Convertersentinel39d ago[US] cyber 8.0 — Fourth Frontier Frontier X Mobile Application, Frontier X2sentinel39d ago[US] cyber 8.0 — Eppendorf BioFlo 320sentinel39d ago[US] cyber 8.0 — MacGregor Voyage Data Recorder (VDR) G4esentinel39d ago[US] cyber 8.0 — KMW CCTV Security Camerassentinel39d ago[US] cyber 8.0 — XCharge C6sentinel39d ago[US] cyber 8.0 — CP Plus 8 Ch. Network Video Recordersentinel39d ago[US] cyber 8.0 — Eppendorf BioFlo 320sentinel39d ago[US] cyber 8.0 — Fourth Frontier Frontier X Mobile Application, Frontier X2sentinel40d ago[US] cyber 8.0 — MacGregor Voyage Data Recorder (VDR) G4esentinel40d ago[US] cyber 8.0 — KMW CCTV Security Camerassentinel40d ago[US] cyber 8.0 — XCharge C6sentinel40d ago[US] cyber 8.0 — Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Convertersentinel40d ago[US] cyber 8.0 — Eppendorf BioFlo 320sentinel40d ago

Affected Regions

US